On 30 May 2020, at 22:36, Mark Constable <markc@renta.net> wrote:
993/995 with TLS enabled back to ports 143/110 without SSL or they could not pick up email. Thunderbird users (ie; me) were unaffected.
Insecure mail login is far too risky to allow. I don't even allow it within a LAN.
Could anyone share a set of port 993/995 SSL settings known to work with Windows7 and Outlook16 using "dovecot -n|grep ^ssl_" please ?
If the users cannot upgrade to an OS that works with TLS 1.2, then you need to either move them to a client that does its own TLS handling, or setup webmail (like Horde or Raoundcube).
Those clients on older machines are similarly going to have trouble accessing banks, health sites, or other secure logins as TLS 1.0 and 1.1 are not supported anymore. In fact, if it were not for the current pandemic, their browsers would already have lost TLS 1.0 and 1.1 abilities.
-- Margo: Give me a phaser and a red shirt. Male centurion: What?